Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/ogw06bC9fSA5JtwbxjqBTwB8S7M.roa
File: ogw06bC9fSA5JtwbxjqBTwB8S7M.roa (raw, json)
Hash identifier: vrhz7RBPhJfh55j3s/uctrpkU981dgPSyM1irPhVjqk=
Subject key identifier: A2:0C:34:E9:B0:BD:7D:20:39:26:DC:1B:C6:3A:81:4F:00:7C:4B:B3
Certificate issuer: /CN=61b7202c9230c289450ed5a62b17369a0659bc6b
Certificate serial: 018E7AF698D089DCC102195DB65DA96A521E
Authority key identifier: 61:B7:20:2C:92:30:C2:89:45:0E:D5:A6:2B:17:36:9A:06:59:BC:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbcgLJIwwolFDtWmKxc2mgZZvGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/ogw06bC9fSA5JtwbxjqBTwB8S7M.roa
Signing time: Tue 26 Mar 2024 13:32:45 +0000
ROA not before: Tue 26 Mar 2024 13:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59790
IP address blocks: 45.141.252.0/22 maxlen: 22
185.104.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbcgLJIwwolFDtWmKxc2mgZZvGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:f6:98:d0:89:dc:c1:02:19:5d:b6:5d:a9:6a:52:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b7202c9230c289450ed5a62b17369a0659bc6b
Validity
Not Before: Mar 26 13:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a20c34e9b0bd7d203926dc1bc63a814f007c4bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:99:91:ad:09:a2:e0:22:ec:bc:22:c2:b7:7d:
57:43:c3:bb:6b:dc:07:96:9a:ba:4a:60:40:e4:d9:
06:7b:f3:7b:ab:40:53:0e:5d:30:b8:55:cd:e8:da:
25:91:e8:7f:83:da:3b:70:46:5f:c0:94:d8:9c:64:
62:ee:85:1c:6c:f0:f2:54:3e:91:49:8c:05:74:00:
6f:12:4a:b4:51:82:b6:df:95:df:0b:fa:ca:55:a9:
2e:63:17:19:ae:94:3f:79:2c:5a:4d:f8:58:d1:77:
d0:64:ca:fa:e5:fe:b3:50:95:ea:7d:5f:1e:78:b2:
0b:72:f4:64:71:be:c2:f7:6a:d8:74:eb:8a:9d:b3:
50:2d:12:56:7e:44:b0:e2:f9:3e:bb:5d:9a:c6:f9:
4b:5c:e9:e0:13:9a:f8:24:26:b6:05:2f:c3:1f:ae:
ad:15:c0:22:f3:16:df:2f:94:1d:7d:9a:bf:1e:cb:
d9:35:5a:f1:78:bd:d3:26:61:ba:45:37:38:34:b2:
df:d7:47:83:1a:4c:44:ae:8c:0f:f4:4a:ea:24:1f:
b0:2d:fe:c1:71:82:90:a5:83:3d:21:c8:67:c8:aa:
e6:37:1d:6d:8a:e6:22:9a:c4:05:c4:ea:f6:cf:6c:
bb:f8:79:cc:db:99:8f:a6:cb:5a:8b:4d:07:cd:de:
be:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0C:34:E9:B0:BD:7D:20:39:26:DC:1B:C6:3A:81:4F:00:7C:4B:B3
X509v3 Authority Key Identifier:
keyid:61:B7:20:2C:92:30:C2:89:45:0E:D5:A6:2B:17:36:9A:06:59:BC:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbcgLJIwwolFDtWmKxc2mgZZvGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/ogw06bC9fSA5JtwbxjqBTwB8S7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.252.0/22
185.104.40.0/22
Signature Algorithm: sha256WithRSAEncryption
94:54:56:57:6e:43:bf:37:cb:e0:f6:8c:3a:3c:6f:ed:79:07:
91:6a:8e:ef:6b:82:07:fa:cc:13:a9:e1:51:88:20:a0:83:d8:
e9:b8:3e:3a:25:36:66:79:6c:17:10:7d:0d:4b:72:6d:95:d3:
cb:45:40:57:a4:e9:b5:7c:be:93:38:a7:c0:65:cd:09:4b:6e:
d7:d5:54:43:c1:67:62:cb:f5:30:2c:14:14:9a:e3:b2:1e:eb:
b2:c3:06:6f:28:09:6d:12:d3:74:c2:4f:0c:45:3f:d0:87:e0:
88:84:23:c9:a4:ad:f3:9b:5b:37:d8:b3:15:22:59:c5:74:28:
1d:aa:ff:e3:72:6a:fa:b6:01:4c:81:f4:40:2e:a5:58:47:14:
90:2e:08:cb:af:d4:ef:c0:bf:5d:c7:f9:c4:82:92:9d:9b:eb:
fa:68:bd:c7:83:bd:35:0d:af:5f:9d:ac:fb:87:79:80:a1:d6:
cf:55:70:55:95:90:2a:e0:37:f3:13:2d:fd:23:49:fc:6d:7e:
82:84:be:e1:ee:65:70:32:38:78:a7:1a:66:6d:f7:ab:a5:32:
36:06:b4:d6:b2:5f:34:08:d3:55:8a:73:b7:5d:51:d8:88:d3:
58:44:03:96:5a:5e:44:3b:e7:44:54:c2:8e:31:07:63:a0:e2:
85:45:07:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY569pjQidzBAhldtl2palIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjcyMDJjOTIzMGMyODk0NTBlZDVhNjJiMTczNjlhMDY1
OWJjNmIwHhcNMjQwMzI2MTMzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBjMzRlOWIwYmQ3ZDIwMzkyNmRjMWJjNjNhODE0ZjAwN2M0YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJmRrQmi4CLsvCLCt31XQ8O7a9wH
lpq6SmBA5NkGe/N7q0BTDl0wuFXN6Nolkeh/g9o7cEZfwJTYnGRi7oUcbPDyVD6R
SYwFdABvEkq0UYK235XfC/rKVakuYxcZrpQ/eSxaTfhY0XfQZMr65f6zUJXqfV8e
eLILcvRkcb7C92rYdOuKnbNQLRJWfkSw4vk+u12axvlLXOngE5r4JCa2BS/DH66t
FcAi8xbfL5QdfZq/HsvZNVrxeL3TJmG6RTc4NLLf10eDGkxErowP9ErqJB+wLf7B
cYKQpYM9IchnyKrmNx1tiuYimsQFxOr2z2y7+HnM25mPpstai00Hzd6+RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIMNOmwvX0gOSbcG8Y6gU8AfEuzMB8GA1UdIwQY
MBaAFGG3ICySMMKJRQ7VpisXNpoGWbxrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJjZ0xKSXd3b2xGRHRXbUt4YzJtZ1padkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82MWQ0MmQtM2I0OC00NjhlLTlhZDkt
MjE1ZmMzOTBiZmU0LzEvb2d3MDZiQzlmU0E1SnR3YnhqcUJUd0I4UzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82MWQ0MmQtM2I0OC00NjhlLTlhZDktMjE1ZmMzOTBiZmU0
LzEvWWJjZ0xKSXd3b2xGRHRXbUt4YzJtZ1padkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY38AwQC
uWgoMA0GCSqGSIb3DQEBCwUAA4IBAQCUVFZXbkO/N8vg9ow6PG/teQeRao7va4IH
+swTqeFRiCCgg9jpuD46JTZmeWwXEH0NS3JtldPLRUBXpOm1fL6TOKfAZc0JS27X
1VRDwWdiy/UwLBQUmuOyHuuywwZvKAltEtN0wk8MRT/Qh+CIhCPJpK3zm1s32LMV
IlnFdCgdqv/jcmr6tgFMgfRALqVYRxSQLgjLr9TvwL9dx/nEgpKdm+v6aL3Hg701
Da9fnaz7h3mAodbPVXBVlZAq4DfzEy39I0n8bX6ChL7h7mVwMjh4pxpmbferpTI2
BrTWsl80CNNVinO3XVHYiNNYRAOWWl5EO+dEVMKOMQdjoOKFRQd1
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:06:15 2024 by rpki-client on console-ams.rpki-client.org